I have been experimenting with Kopia and it seems to work well but I’m trying to understand whether I should be using server mode. I have a Linux NAS with Kopia running in a docker container. It’s running in server mode and I can access the web UI on my LAN devices to manage the backups from the NAS primary drive to the Kopia repo on a secondary backup drive. All seems good.
I’m now looking at introducing some client devices- a Mac and a Windows machine - to backup to the same repo (and take advantage of deduping seen as some of the data is shared across all devices). On the Mac (am starting with this) GUI it seems I can connect to the server with Https but I also have the option of sftp too. So my question is, does it matter which? Sftp might actually be faster?
Searching seems to indicate the main benefit of server mode is access control but I’m not bothered by that on my LAN. Does the server mode help mitigate risk of conflicts/corruption with multiple connected clients? Eg: if there were multiple snapshots run at the same time, or maintenance tasks run when a snapshot is being run?
The main benefits of running a Kopia server are indeed the user management and the centralized maintenance, especially if you’re using one repo to maximize deduplication. As for performance, Kopia server’s HTTPS will always outperform SFTP unless you are pouring quite some effort into the setup of your SFTP connections. However, even the two main benefits are enough for me to go with Kopia server.
Great - thank you! I was getting a little confused with user management/authentication but I think I now understand - appreciate if anyone can confirm/clarify:
There’s the core fundamental authentication of the repo password to decrypt (this is separate from server config and just the main cross-platform key for accessing/decrypting the repo in any context)
There is a server password (I think this is to access the web gui?)
There’s then kopia’s internal user management. I was confusing these with the linux/client OS users because of the @hostname suffix but I beleive these are still kopia’s internal user management and I guess it makes sense that those users would match the username and hostname of connecting client devices?
I see there’s some kind of ‘server’ control password as well but I’ll need to explore that separately!
Yes, that’s about it for a Kopia server. The repo password is needed to decrypt the repo. If you’re running a Kopia server, that will be done by it. Kopia clients need a password to authenticate to the Kopia server. Then there is a special Kopia UI account (server control password), which operates as a “master” account. It can connect to the server’s UI and manage all snapshots of all users/clients.
Lastly, there is the repo maintenance user, which will perform periodic maintenance on the whole repo without any client having anything to do with it.
Thanks. I don’t think I’ve set the control user/password but it seems I can manage all snapshots for all devices in the web GUI. I guess Kopia has set my main web GUI user as the control user?